/build/static/layout/Breadcrumb_cap_w.png
08/31/2018 251 views
Reference this thread on what Kace does to the UserInit registry.

My question is: Will reverting the value of this registry to 'C:\windows\system32\userinit.exe,' have any significant consequence with K1000 and/or K2000's ability to run any of my tasks to the machine?  

Here's why I'm asking:
File Explorer opens whenever a user logs into a computer as a result of UserInit being updated to point to c:\windows\system32\kusrinit.exe, by the KACE agent.  We're on the latest version.  

I work in a hospital and we have computers in exam rooms that we lock down pretty heavily, as we have patients, 14-year-old hacker wannabes who we have to assume will hop on the computer and mess around while waiting for a doctor.  File Explorer is one of the things we prefer to disable access to.  Now that we have KACE, that's changing.  

We're still pretty new to KACE, just got it this year and I'm finally able to start focusing on its utilization.  Is there a precise answer here?  What's the worst thing that will happen if I update this registry value for these locked-down, exam room computers?

Thanks.

EDIT: For anyone reading, updating to v.6.0.425 fixed everything.  
0 Comments   [ + ] Show comments

Comments



Community Chosen Answer

3
if you change the setting it will have the same effect as the SMA agent is installed with the NOHOOKS parameter.

You will lose the opportunity to run scripts and MI before the user logs in and the desktop loads (iE MI only run with a logged in user)

The SDA does not need this function.

I by myself always install agents with NOHOOKS since this registry key is used by some 3rd party software for their own stuff so the agent install may break them (since it overwrites the key), Microsoft is not always very bright with the design of the registry...
Answered 09/01/2018 by: Nico_K
Red Belt

  • Thanks. That gives me something to investigate!

All Answers

0
Just FYI - New variation of kusrinit issue. We're using SMA 7.2, and I started pushing the 7.2 agent out last week to about 250 computers. No problems there, but yesterday I pushed that agent to our conference room computers. One of them (so far) would log out any non-admin user as soon as they logged in. I could log in with my admin account, but just got a black screen. I used Task mgr to open a cmd window, then regedit and changed the kusrinit.exe entry in WinLogon (it was the only entry) back to userinit.exe. After that, users were able to log in and admins got a normal login screen.

This is the first time in 6 years of K1000 use that I've seen this happen. I'll probably remove and reinstall the agent to see if that allows it to run with the kusrinit.


Answered 10/11/2018 by: tpr
Black Belt

0
This is a result of having both userinit.exe and kurinit.exe within the same Userinit key. Remove userinit.exe and the issue will go away.
Answered 09/05/2018 by: JBHorne
White Belt